Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

3 comments on “Why that “Unimportant” Account Matters”

  1. Absolutely right, and since there are several excellent free password managers around, there’s no excuse.

    Except there is, and here goes my pet rant : most sites don’t disclose their password rules, and most of them have thoroughly stupid rules. Such as too short passwords, forbidden characters or character sets, compulsory characters or diversity of characters, and so on and so forth.

    So, before setting up a password with my password manager’s generator, I always need to type 1234 etc., into the password field, in order to know at least the length limit. This is a major PITA, and thousands of website administrators should be summarily shot for that.

    Some sites are even more perverted : they allow you to register a 30-character password, for instance, but in fact, the internal limit may be 20 characters. So they either truncate your password (and it works), or… you’re locked out the first time you try to login !

    Again, I think we should bring back the Gestapo, and round up a few hundred suspects, just to teach a lesson to the others.

    Nothing less than no length limit and no character rules at all will do. They have no excuses anymore. It might have been the case 30 years ago, but not with the current technology. At the very least, fix a ridiculously high limit, such as 1 000 characters, that nobody will ever hit.

  2. I am one of those really don’t give a rip users. I use pass word managers and tough PWs for important sites, but could care less about many retailer one web sites that want me create an account. If that account gets compromised, tough luck. Many of those places are a one time need/purchase.
    As for PW managers they don’t work all the time. I am not a good typer so complicated PWs are hard to input. To many web sites don’t allow PW managers to auto fill so the manager must be opened up to copy. Sometimes they overwrite a PW when you fill in “secret” information and they think it a new login. At best PWs are still very primitive and punishment for web sites not protecting your data is far to soft.
    Sorry about the rant.

    • If you made a one-time purchase on a website and you used your credit or debit card, the website might have retained your credit card information to make it easier when you return. Anyone getting into that website would to purchase using your credit card. There may be some websites that really don’t matter, but if you stay in the habit of using strong unique passwords, you’ll be better protected.

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.